1 Answer
1

compare grep usr/sbin/sshd /var/lib/dpkg/info/openssh-server.md5sums to md5sum /usr/sbin/sshd. When they come up with different md5sums, you are no longer using the packaged version. If they are the same, it doesn't mean anything definitive, since anyone who is able to modify your sshd binary obviously has privileges to alter the md5sum recorded in /var/lib/dpkg/info. The next step would be to download the package with the same version from http://packages.ubuntu.com/openssh-server to a trusted computer and check the md5sum there.